General
-
Target
f7d68a7ef2986d75e2947d7a22f03577_JaffaCakes118
-
Size
36KB
-
Sample
241216-htzy2szje1
-
MD5
f7d68a7ef2986d75e2947d7a22f03577
-
SHA1
1fe822db2346db2fc27fdbb57e755e21c17a517b
-
SHA256
eceefffd5f4d0f970f801cff810e079aaa1aa1853647507388b79f8455f17529
-
SHA512
0aa1a27c3f1632edef7537e21816f248cdd7bc2960e9d8ceb115c1e4ed86168eead3524569c14e81b47a7ddd68d4d92c881b18e90aaaee3f34e4752289f32b5b
-
SSDEEP
384:vJTynDLDDD/f9gO+0RT2ZkxmQxqrPEelZ7JcFgIcNZa5n84COuRa+RdrpWl/W64U:BQLDDLWQRT2mgEeP7JcaIcN85bwYM4J
Static task
static1
Behavioral task
behavioral1
Sample
f7d68a7ef2986d75e2947d7a22f03577_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
f7d68a7ef2986d75e2947d7a22f03577_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
f7d68a7ef2986d75e2947d7a22f03577_JaffaCakes118
-
Score
10/10
-
Andromeda family
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-